A Cyber-Information Operations Offset Strategy for Countering the Surge of Chinese Power Pt. 2

The following is a two-part series on how the U.S. might better utilize cyberspace and information operations as a Third Offset. Part I evaluated current offset proposals and explores the strategic context. Part II provides specific cyber/IO operations and lines of effort. Read Part One here.

By Jake Bebber

Targeting China’s ability to control information is an efficient means to offset Chinese power. To be effective, the United States should adopt a “whole of government” approach, leveraging cyberspace and other information related capabilities that can hold China’s domestic internet filtering, censorship, and information dissemination capabilities at risk. This campaign should operate across the entire spectrum of conflict and engagement, from public diplomacy and strategic communication, to battlespace preparation, limited conflict, and if de-escalation is unsuccessful, full-spectrum military operations. It will likely require coordination and administration at the highest civilian leadership level. This will be a long-term campaign aiming to counter China during the critical window in the next ten to twenty years when Chinese economic and military power will surge, and then subside as demographic factors limit its growth causing China to enter into a period of decline and inherently shifts its focus inward to to maintain stability.

The United States will have to address three broad issues: access, authorities, and capabilities. Internet access into China is restricted from the outside, and it is reasonable to assume that during a period of rising tensions or even conflict, traditional means of accessing China’s “red space” (civilian, military, and government networks) will not be available. The U.S. will need alternative avenues into Chinese networks, which may take the form of radio frequency injection into wireless networks (Bluetooth, WiFi and WiMAX)[i] to other methods targeting the physical and logical network layers and cyber-persona layers[ii] of cyberspace for preplacement of access.

The Three Layers of Cyberspace [iii].

The authority of the U.S. government to operate in cyberspace crosses boundaries and jurisdictions, and largely depends on the function of the agency or entity. Traditional military activities conducted by the Department of Defense are covered under Title 10 of U.S. Code, with the principal being the Secretary of Defense. Other titles supporting cyberspace operations include foreign intelligence collection (Title 50), domestic security (Title 6), law enforcement (Title 18) and government information technology security and acquisition (Title 40).[iv] These authorities will have to be aligned and deconflicted.

The capabilities required run the spectrum. They can include fully attributable on-net operations, such as a Foreign Service Officer participating in an online forum or social network to communicate U.S. policy, to the development of tools and malware that can degrade and disrupt command and control networks. Other possibilities include the distribution of encrypted personal communication devices and unattributable social media and organizing applications that permit dissident groups within China to maintain situational awareness.

There have been attempts to respond to China’s growing Internet censorship capabilities by those in the telecommunications industry and by the U.S. government. The Global Network Initiative was started in 2008 by industry, civic organizations, and universities to “promote best practices related to the conduct of U.S. companies in countries with poor Internet freedom records.” In 2011, the President issued the “International Strategy for Cyberspace.” Its goals include “enabling continued innovation for increasing economic activity, increasing individuals’ ability to communicate with one another, safeguarding freedom of expression, association, and other freedoms, and enhancing both individual privacy and national and international security.” The U.S. Department of State includes Internet freedom as a part of its global human rights agenda. In 2006, State formed the Global Internet Freedom Taskforce which later became the NetFreedom Taskforce, to coordinate State Department efforts monitoring Internet freedom. Both the State Department and U.S Agency for International Development have received funding for the development of Internet censorship circumvention technologies, training of non-government organizations and activists, media assistance, and leading international policy formulation on Internet freedom.[v]

The Broadcasting Board of Governors, which oversees the Voice of America (VOA) and Radio Free Asia (RFA) programs, also supports counter-censorship and circumvention software development and distribution. The VOA sends daily emails to “8 million Chinese citizens … with international and domestic news stories as well as information about how to use proxy servers.” The RFA has implemented the Freedom2Connect program to “research, develop, and deliver online tools for Internet users in China to securely browse online and send secure e-mail.”[vi]

While important, the current response by industry and government lacks both the senior policy coordination required of a grand strategy or adequate funding to keep up with China’s growing Internet monitoring and censorship capabilities. They do not fully leverage other assets and tools at America’s disposal. The U.S. can and should be doing much more to attack China’s critical vulnerabilities in information control.

Lines of Effort

Public Diplomacy – At the interagency level, the United States should continue pursuing bilateral, multilateral, and international agreements such as those mentioned above which promote freedom of information, expression and freedom from government oversight and censorship. The U.S. should also continue to strengthen international regimes against cybercrime and intellectual property theft. Internet norms and rules should be standardized across political boundaries where practical. This diplomatic effort ties into longstanding American policy of supporting freedom of speech and protection of universal human rights.

Economic Policy and Trade – Here again, longstanding American policy supporting property rights and free trade legitimize the continued advocacy of international agreements and accords promoting freedom in cyberspace. At the same time, the U.S. must tighten technology export controls to nations like China that continue to restrict access. In the event of industrial espionage or even cyber-attack, the U.S. can impose real economic costs and sanctions. The U.S. can also move on the Global Online Freedom Act, which would, among other things, prohibit U.S. companies from cooperating with foreign governments that engage in censorship or human rights abuses, require the U.S. Trade Representative to report on trade-related issues that arise out of a foreign government’s censorship policies, and impose export controls on telecommunications equipment that can be used to carry out censorship or surveillance.[vii] Some of these provisions can be waived when it suits American interests. In other areas, the U.S. can also promote public cybersecurity regimes, such as international risk insurance tools and accreditation that encourage network protection and hardening in the private sector.

Strategic Communication – In modern war, the actions of a single Soldier, Sailor, Airman or Marine can have a far-reaching impact on national strategy. While this is often used to highlight the potential implications of an untoward or controversial event, the reverse also holds true. The actions of every member of the U.S. government, from Foreign Service officer, embassy staff and humanitarian assistance officer to those of the military can have an equally positive impact if the appropriate messages are coordinated and timed to unfolding events. The United States should expand strategic communication tools such as Radio Free Asia and Voice of America. Using new capabilities in cyberspace and in personal communications, a comprehensive program of unbiased news delivery and strategic messaging to the Chinese public on a much larger scale can, over time, provide alternatives to Chinese government propaganda. Not to be forgotten, approximately two million Chinese visit the United States each year as tourists[viii], and around a quarter of a million Chinese students attend college in the U.S.[ix] Each visitor and student represents an opportunity for engagement.

Cyberspace Operations – Being able to deliver effects in and through cyberspace to China is a question of both access and capabilities. China has one of the most robust and sophisticated information control systems in the world, with multiple internal security and military organizations and tens of thousands of Chinese working daily to censor communications and filter access within China and between China and the world. Network penetrations and preplacement access generation needs to occur now, during peacetime, and continue throughout in order to assure capabilities can be delivered when needed. The fact is that when tensions escalate and China erects more firewalls, penetration becomes that much more difficult, if not impossible. This leaves military commanders and policy-makers little choice but to revert to traditional kinetic tools to dissuade Chinese aggression – exactly the scenario they hope to avoid – and plays to China’s strengths. Developing multiple access vectors now with the capability to hold at-risk, at a time and place of our choosing, information control systems in the long run represent an efficient means of directly attacking China’s most critical vulnerability and holding the Communist Party’s political control at risk. This represents an asymmetric counter to China’s growing A2/AD capabilities, and is a far more efficient and economical alternative.

Cyberspace operations reside on a continuum, sometimes offensive, sometimes defensive and sometimes both simultaneously. At the same time the U.S. is developing access vectors and tools to exploit China’s information control systems, it must also harden its own military, government, and civilian critical infrastructure networks. Research suggests that improving cyber defenses limit incentives to infiltrate networks for espionage, intellectual property theft, or cyber-attack. A resilience model should be adopted. Instead of building “cyber walls” using a traditional warfare model, cyber defense should model biological systems that can adapt and recover. Systems can be designed to turn the table on intrusions, misdirecting them down false alleys or “sinkholing” them in so-called “honeypots” for study. This can even be effective in passing back false information or simply causing the attacker to waste time and resources chasing phantoms.[x] On the offensive side of the continuum, experts like retired Army Lieutenant Colonel Timothy Thomas see the development and fielding of 13 offensive cyber warfare teams as significant. According to him, the Chinese “now know we are ready to go on the offense. There’s something that’s been put in place that I think is going to change their view.”[xi]

Clandestine Action – Due to the difficulties in acquiring and maintaining access in closed networks, the United States will have to undertake clandestine efforts, both in cyberspace and through traditional means. Policy makers should be careful, however, not to be lulled by the lure of technologically-based cyberspace operations as the preferable alternative to traditional human intelligence operations. While the U.S. is right to continue to pursue advances in unmanned vehicles, radio-frequency and electro-magnetic operations, and space-based computer and communication operations, obtaining and maintaining access in many cases will require mixed-mode penetration: human and cyber action. Cultivating human sources to gain insight into leadership intentions, network configurations, and potential areas of exploitation remain a critical part of a broad information operations campaign. As China continues to pursue clandestine operations against the U.S., both to gather traditional intelligence and to enable their own cyberspace operations, our own counter-intelligence and cyberspace defense capabilities will become that much more important.

These lines of effort will have to be synchronized in a mutually supporting effort. Public diplomacy and strategic communication can be enabled in and through cyberspace. Clandestine action may be required to obtain and maintain access to critical networks. Economic incentives, technology export controls and sanctions will play critical roles at times to advance America’s interests to degrade or disrupt China’s information control systems.

It will be necessary to develop options which degrade China’s information control capabilities incrementally while preserving significant reserves. Historically, this has been especially tricky. Past experience, such as the Vietnam War, suggests that the incremental application of force with too fine of control tends to condition the adversary rather than compel the adversary. The U.S. will need to be able to send “warning shots” that indicate to the CCP that we possess capabilities that will cause them to lose control entirely and threaten their hold on power, allowing the U.S. to prevail. Of course, given that many cyberspace and IO capabilities are perishable once used, the U.S. will need to maintain a host of capabilities able to be delivered across multiple vectors and times and places of our choosing.

One must be mindful that while China’s information controls systems are a critical vulnerability, they are not a gateway to the overthrow of the CCP and the establishment of a democratic government, at least not right away. Data suggests that the vast majority of the Chinese public who utilize the Internet and social media are quite happy with the amount and variety of content available. Only about 10 percent use the Internet for political purposes with the remainder, like their American counterparts, using it for entertainment and socializing.[xii] Therefore, strategic messaging will have to be much less overt and subtler.

We should utilize the natural advantages the U.S. has in the entertainment and public relations world to encourage the public to put pressure on the government gradually, perhaps not directly in the political sphere but rather on natural fissures and tensions already resident, such as corruption, mismanagement, ethnic strife, uneven development, environmental degradation, and the growing wealth gap in China. Consider the recent effort by the U.S. Department of State to publicly highlight air quality in Beijing, resulting in embarrassment as well as change in China’s environmental policies.[xiii] Similar efforts, both public or through providing covert support to internal groups in China, would hopefully have similar impact. The goal will be to keep the CCP looking inward, concerned about social stability, rather than outward, projecting power.

To be successful, it will be necessary to understand at the highest level of detail possible not only the technical aspects of China’s information control apparatus but also its command, control and communication pathways, chain of command, and decision making calculus. Technical intelligence requirements would include network configuration pathways, router and server equipment models, operating and surveillance software versions, administrative controls, wireless hot points and air gaps and fiber network systems. The U.S. will need to know which agencies and bureaucracies are responsible for various kinds of surveillance and what their resident capabilities, gaps and scope of responsibility is. It would be helpful to identify key personalities and understand the resource competition between them in order to exploit them. We need to know how commands are passed down from leadership to operators, and if it is possible to deny, degrade, and in some way get in the middle of those communication pathways. We will also need to know the decision calculus of the Central Standing Committee. What will cause them to want to tighten control, or perhaps better yet, what might they simply ignore? This is certainly not an exhaustive list of intelligence requirements, but gives a sense of the kinds of information that a successful strategy will require.

China’s Response

In war, the enemy gets a vote, so policy makers and military commanders must carefully consider and “wargame” China’s response to a U.S. effort threatening its information control systems. By doing so, the U.S. can better prepare courses of action that counter potential Chinese responses. Traditionally, planners will break down adversary responses into two categories: most likely and most dangerous.

China’s responses are naturally shaped by their historic understanding of their place in the world, and especially the recent “Century of Humiliation” and the role that historical grievance plays in this understanding.[xiv] Attempting to shape the CCP’s ability to control information within China has a direct impact on the regime’s need to mobilize popular support in times of crisis or even war. The CCP has come to realize that “it cannot simply demand compliance and access to materials, people or facilities” as it probably once could during the days of Mao Zedong. The CCP and the PLA have undertaken “a systematic attempt to plan for mobilization, integrating it into economic development.”[xv] This planning includes “information mobilization” due to the “central role of information and information technology, especially in the context of informationized warfare.”[xvi] The various activities proposed here to attack critical vulnerabilities in China’s strategy should be viewed by policy-makers on a continuum of escalation. Public information campaigns highlighting air quality in Beijing will annoy the CCP in a much different way than denying China the ability to filter Internet content or threatening regime legitimacy.

March 22, 2013: Staff members of the newly-merged State General Administration of Press, Publication, Radio, Film and Television pose for group photos during a ceremony to hang a new nameplate in Beijing (Photo Credit: Xinhua/Wang Zhen).

China’s most likely course of action will be to continue to “plug the gaps” that any U.S. program creates in their information control system. This is a beneficial byproduct since the Chinese will continue to expend time and resources with an inward focus, possibly diverting some of its effort away from cyber espionage, or change its focus of cyber espionage from intellectual property theft to countering U.S. efforts. It will continue to partner with “like minded” regimes such as Russia, Iran, and Venezuela, perhaps targeting U.S. allies in Asia, Africa, and the Middle East, to advance an alternative international rule set and standard. China’s “Internet Agenda” will continue to focus on international recognition of state sovereignty over cyberspace, a global internet regulatory scheme that targets cybercrime and terrorism (with sufficiently vague definitions of “crime” and “terrorism” to allow for maximum latitude), and the legitimate role of the state to remain the “gatekeeper” to their country’s access to the internet.[xvii]

We can surmise what effect this strategy might have by examining world events and how the PRC responded when it felt threatened by internal pressures. For example, China has had a difficult relationship with some Muslim nations due to persecution of Uighurs in Xinjiang province. The recent decision by Thailand to repatriate nearly 100 Uighurs back to China was met with harsh criticism from the United Nations Refugee Agency and the international non-governmental organization Human Rights Watch. Reporting suggests that Beijing may have pressured Bangkok, and Chinese persecution has strained relations with Turkey, which has both ethnic and religious ties to the Uighurs in Xinjiang.[xviii] In September of 2014, Ilham Tohti, an economics professor and member of the CCP, was sentenced to life in prison by a Xinjiang court for “inciting separatism” and inviting “international opprobrium,” according to Georgetown University professor James A. Millward.[xix]

China’s continued crackdown on Internet access appears to be having a direct impact on business and foreign investment, according to surveys conducted by the European Union Chamber of Commerce in China and the American Chamber of Commerce. Respondents noted that foreign firms feel “less welcome,” poor air quality makes it harder for firms to recruit executives, and that recent regulatory enforcement campaigns “target and hinder foreign companies.”[xx]

These two examples – internal repression, censorship and the impact on international relations and foreign investment – expose vulnerabilities in how China chooses to stem threats, which come at a cost to China. Therefore, we have insight into how proposed information activities which parallel previous events might look and the anticipated costs. A Cyberspace/IO Offset targeting China’s information control systems can be expected to result in more extreme or diverse efforts to clamp down on information and economic exchange, perhaps ratcheting up internal dissent or imposing economic costs as foreign investment slows.

Conclusion

By targeting China’s information control system, the United States can directly attack China’s most critical vulnerabilities and weaken its center of gravity, the Chinese Communist Party. By placing these controls at risk, PRC leadership will come to believe that their hold on power and ability to maintain domestic harmony is in jeopardy. This will permit the United States to effectively and efficiently counter Chinese power during a critical window of the next ten to twenty years, when demographic and economic headwinds will cause China to enter a period of decline.

A whole of government approach is often advocated but exceedingly difficult to execute in our federal system. The strategy will require careful coordination and long-term vision, two capabilities that Western democracies are notoriously deficient in. Due to the nature of the strategy, lines of effort and operations can become quickly compartmentalized in classified channels, which will make coordination that much more difficult. Importantly, much like the policy of containment against the Soviets, it will require buy in from across the political spectrum, also no easy task.

Ultimately, a Cyberspace-IO Offset permits the United States to leverage its unique advantages, both technological and historically ideological, to attack China’s critical vulnerabilities asymmetrically. Despite the challenge this strategy poses, the U.S. has shown historic resiliency and proven adaptability in the past, and the present is no different.

LT Robert “Jake” Bebber USN is a Cryptologic Warfare Officer assigned to United States Cyber Command. His previous assignments have included serving as an Information Operations officer in Afghanistan, Submarine Direct Support Officer and the Fleet Information Warfare Officer for the U.S. Seventh Fleet. He holds a Ph.D. in Public Policy from the University of Central Florida. His writing has appeared in Proceedings, Parameters, Orbis and elsewhere. He lives in Millersville, Maryland and is supported by his wife, Dana and their two sons, Vincent and Zachary. The views expressed here are his own and do not reflect those of the Department of Defense, Department of the Navy or U.S. Cyber Command. He welcomes your comments at jbebber@gmail.com.

[ii] Joint Publication 3-12 Cyberspace Operations defines the Physical Network Layer as “comprised of the geographic component and the physical network components. It is the medium where the data travel;” the Logical Network Layer as consisting of “those elements of the network that are related to one another in a way that is abstracted from the physical network, i.e., the form or relationships are not tied to an individual, specific path, or node;” and the Cyber-Persona Layer as “the people actually on the network. Cyber-personas may relate fairly directly to an actual person or entity, incorporating some biographical or corporate data, e-mail and IP address(es), Web pages, phone numbers, etc. However, one individual may have multiple cyber-persona, which may vary in the degree to which they are factually accurate. A single cyber-persona can have multiple users.”